powershellmagazine.com
185.199.111.153
Public Scan
Submission: On February 02 via api from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 24th 2022. Valid for: 3 months.
This is the only time powershellmagazine.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS | Autonomous System |
---|---|---|---|
5 | 185.199.111.153 | 54113 | FASTLY |
2 | 2a00:1450:400d:806::200e | 15169 | GOOGLE |
18 | 76.223.126.88 | 16509 | AMAZON-02 |
1 | 2a05:d014:275:cb00::c8 | 16509 | AMAZON-02 |
1 | 2a04:4e42:200::485 | 54113 | FASTLY |
2 | 199.232.196.134 | 54113 | FASTLY |
1 | 2606:4700::6811:180e | 13335 | CLOUDFLARENET |
1 | 2a00:1450:400d:80e::200a | 15169 | GOOGLE |
1 | 2a01:7e01::f03c:92ff:fe8f:edc6 | 63949 | AKAMAI-AP Akamai Technologies |
3 | 2a00:1450:400d:80a::2003 | 15169 | GOOGLE |
1 | 185.199.109.154 | 54113 | FASTLY |
36 | 11 | | |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
powershellmagazine.com
ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
powershellmag.goatcounter.com
ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-154.github.com
github.githubassets.com
Requests | Apex Domain | Subdomain | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
18 | giscus.app | giscus.app | 210595 | 103 KB |
5 | powershellmagazine.com | powershellmagazine.com | | 602 KB |
3 | gstatic.com | fonts.gstatic.com | | 51 KB |
2 | disqus.com | powershellmagazine.disqus.com | | 2 KB |
2 | google-analytics.com | www.google-analytics.com | 21 | 20 KB |
1 | githubassets.com | github.githubassets.com | 8980 | 18 KB |
1 | goatcounter.com | powershellmag.goatcounter.com | | 809 B |
1 | googleapis.com | fonts.googleapis.com | 34 | 1 KB |
1 | cloudflare.com | cdnjs.cloudflare.com | 198 | 355 KB |
1 | jsdelivr.net | cdn.jsdelivr.net | 359 | 5 KB |
1 | zgo.at | gc.zgo.at | 230333 | 3 KB |
36 | 11 | | | |
Requests | Domain | Requested by |
---|---|---|
18 | giscus.app | powershellmagazine.com, giscus.app |
5 | powershellmagazine.com | powershellmagazine.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | powershellmagazine.disqus.com | powershellmagazine.com, powershellmagazine.disqus.com |
2 | www.google-analytics.com | powershellmagazine.com, www.google-analytics.com |
1 | github.githubassets.com | giscus.app |
1 | powershellmag.goatcounter.com | powershellmagazine.com |
1 | fonts.googleapis.com | cdn.jsdelivr.net |
1 | cdnjs.cloudflare.com | powershellmagazine.com |
1 | cdn.jsdelivr.net | powershellmagazine.com |
1 | gc.zgo.at | powershellmagazine.com |
36 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.blackhat.com |
defcon.org |
www.microsoft.com |
www.facebook.com |
twitter.com |
github.com |
www.youtube.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
powershellmagazine.com | R3 | 2022-12-24 - 2023-03-24 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
giscus.app | R3 | 2023-01-15 - 2023-04-15 | 3 months |
gc.zgo.at | R3 | 2023-01-13 - 2023-04-13 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
*.disqus.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-20 - 2023-04-20 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
*.goatcounter.com | R3 | 2023-01-29 - 2023-04-29 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months |
*.githubassets.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-05 - 2023-10-05 | a year |
This page contains 2 frames:
Primary Page:
https://powershellmagazine.com/2014/07/16/investigating-powershell-attacks/
Frame ID: 912208A64631AFCD3CE512EF1C8481BA
Requests: 18 HTTP requests in this frame
Frame:
https://giscus.app/en/widget?origin=https%3A%2F%2Fpowershellmagazine.com%2F2014%2F07%2F16%2Finvestigating-powershell-attacks%2F&session=&theme=light&reactionsEnabled=1&emitMetadata=0&inputPosition=top&repo=PowerShell-Magazine%2Fsite&repoId=MDEwOlJlcG9zaXRvcnkzNTI2MTE1NDQ%3D&category=Announcements&categoryId=DIC_kwDOFQRs2M4CTpUi&strict=1&description=For+the+most+powerful+community&backLink=https%3A%2F%2Fpowershellmagazine.com%2F2014%2F07%2F16%2Finvestigating-powershell-attacks%2F&term=2014%2F07%2F16%2Finvestigating-powershell-attacks%2F
Frame ID: 2C1D69A113F61448C5741991C51B3A0A
Requests: 18 HTTP requests in this frame
Page Title
Investigating PowerShell Attacks
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Black Hat USA
Title: DEF CON
Title: Mitigating Pass-the-Hash
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | powershellmagazine.com/2014/07/16/investigating-powershell-attacks/ | 424 KB | 105 KB | Document | text/html | Primary Request |
GET | H2 | syntax.css | powershellmagazine.com/css/ | 10 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | logo.png | powershellmagazine.com/images/ | 8 KB | 8 KB | Image | image/png | |
GET | H2 | matt-hastings.jpg | powershellmagazine.com/images/author/ | 25 KB | 25 KB | Image | image/jpeg | |
GET | H2 | client.js | giscus.app/ | 3 KB | 2 KB | Script | application/javascript | |
GET | H2 | count.js | gc.zgo.at/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | webfontloader.js | cdn.jsdelivr.net/gh/theprojectsomething/webfontloader@feature/google-fonts-v2/ | 12 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | count.js | powershellmagazine.disqus.com/ | 1 KB | 2 KB | Script | application/javascript | |
GET | H2 | all.min.js | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/ | 1 MB | 355 KB | Script | application/javascript | |
GET | H2 | footer-bg.svg | powershellmagazine.com/2014/07/16/images/backgrounds/ | 461 KB | 461 KB | Image | text/html | |
GET | H2 | css2 | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | widget | giscus.app/en/ | 7 KB | 3 KB | Document | text/html | Frame 2C1D |
GET | H/1.1 | count-data.js | powershellmagazine.disqus.com/ | 289 B | 870 B | Script | application/javascript | |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 212 B | XHR | text/plain | |
GET | H2 | count | powershellmag.goatcounter.com/ | 43 B | 809 B | Image | image/gif | |
GET | H2 | pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2 | fonts.gstatic.com/s/nunitosans/v12/ | 17 KB | 17 KB | Font | font/woff2 | |
GET | H2 | pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 | fonts.gstatic.com/s/nunitosans/v12/ | 17 KB | 17 KB | Font | font/woff2 | |
GET | H2 | pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 | fonts.gstatic.com/s/nunitosans/v12/ | 17 KB | 17 KB | Font | font/woff2 | |
GET | H2 | light.css | giscus.app/themes/ | 4 KB | 1 KB | Stylesheet | text/css | Frame 2C1D |
GET | H2 | eff1ba2c54f8fead.css | giscus.app/_next/static/css/ | 35 KB | 9 KB | Stylesheet | text/css | Frame 2C1D |
GET | H2 | webpack-e347db1799f97f36.js | giscus.app/_next/static/chunks/ | 5 KB | 3 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | framework-23bee438748717e6.js | giscus.app/_next/static/chunks/ | 24 KB | 9 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | main-59db0f43786f3c48.js | giscus.app/_next/static/chunks/ | 106 KB | 33 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | _app-ceb9ca87e9aa017c.js | giscus.app/_next/static/chunks/pages/ | 34 KB | 11 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | 0e226fb0-b55bb71ec498fa7a.js | giscus.app/_next/static/chunks/ | 10 KB | 4 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | 8335-8143afbef6b5eba8.js | giscus.app/_next/static/chunks/ | 15 KB | 6 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | 1251-eb43e9deab192890.js | giscus.app/_next/static/chunks/ | 17 KB | 6 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | widget-6f26ac253f31437c.js | giscus.app/_next/static/chunks/pages/ | 23 KB | 7 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | _buildManifest.js | giscus.app/_next/static/c_5v97wPglgc9vgODoL72/ | 510 B | 691 B | Script | application/javascript | Frame 2C1D |
GET | H2 | _ssgManifest.js | giscus.app/_next/static/c_5v97wPglgc9vgODoL72/ | 88 B | 287 B | Script | application/javascript | Frame 2C1D |
GET | H2 | mona-loading-default.gif | github.githubassets.com/images/ | 18 KB | 18 KB | Image | image/gif | Frame 2C1D |
GET | H2 | discussions | giscus.app/api/ | 32 B | 112 B | Fetch | application/json | Frame 2C1D |
GET | H2 | discussions | giscus.app/api/ | 32 B | 212 B | Fetch | application/json | Frame 2C1D |
GET | H2 | 74.dba2773f28b2d6c8.js | giscus.app/_next/static/chunks/ | 13 KB | 6 KB | Script | application/javascript | Frame 2C1D |
GET | H2 | light.css | giscus.app/themes/ | 4 KB | 2 KB | Stylesheet | text/css | Frame 2C1D |
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange boolean| doNotTrack function| ga object| WebFont object| fuseOptions string| searchQuery function| executeSearch function| populateResults function| param function| render function| preloader function| $ function| jQuery object| bootstrap function| Instafeed function| Fuse function| Mark number| summaryInclude object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| goatcounter
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.powershellmagazine.com/ | | _ga | GA1.2.2108397245.1675345437 |
.powershellmagazine.com/ | | _gid | GA1.2.850548015.1675345437 |
.powershellmagazine.com/ | | _gat | 1 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.